In our previous post, we set up Laravel and created basic routes and views. Now, let's dive into one of the most fundamental aspects of web development; handling form submissions with controllers.
Instead of building a complete CRUD application all at once, we'll focus on a single, manageable piece - creating a registration form and processing it with a controller.
What We'll Build Today
We'll create a simple user registration form that:
- Displays a clean registration form
- Handles form submission with a controller
- Validates user input
- Demonstrates Laravel's security features
Step 1:Creating the Registration Form View
First navigate to the resources folder then the views folder.
Here create a new file home.blade.php. Inside this file we'll come up with a simple HTML file that has a registration form.
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Simple Blog Registration</title>
</head>
<body>
<div style="border: 1px solid black;">
<h2>Register</h2>
<form action="/register" method="post">
@csrf
<input type="text" placeholder="name" name="name"/>
<input type="email" placeholder="email" name="email"/>
<input type="password" placeholder="password" name="password"/>
<button type="submit">Submit</button>
</form>
</div>
</body>
</html>
Explanation:
The Essential @csrf Directive: Notice the line @csrf. This is a Blade directive that Laravel automatically expands into a hidden input field containing a security token. This token prevents Cross-Site Request Forgery (CSRF) attacks. Anytime you create a POST, PUT, or DELETE form in Laravel, you must include @csrf!
Step 2:Setting Up Routes
Now, let's configure our routes to handle both displaying the form and processing the submission:
<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\UserController;
Route::get('/', function () {
return view('home');
});
Route::post('/register', [UserController::class, 'register']);
Explanation:
We define two routes that look similar but serve completely different purposes because of their HTTP verb:
-
Route::get('/'): A standard GET request, used to simply fetch and display thehomeview (the form). -
Route::post('/register'): A POST request, which is specially designed to send data to the server. This route does not display a view, it directs the data to our Controller for processing.
Step 3:Creating the Controller
Now we move to the brain of the operation, the Controller.
To create the controller, run the following Artisan command in your terminal to create the Controller file:
php artisan make:controller UserController
This creates the file app/Http/Controllers/UserController.php.
Code snippet:
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class UserController extends Controller
{
public function register(Request $request){
$incomingFields = $request->validate([
'name' => 'required',
'email' => 'required|email',
'password' => 'required'
]);
return "Hello from controller";
}
}
The Power of the Controller
The most important part of this code is the Request $request parameter in the method signature.
The Request Object:When the router directs the data flow here, it packages all the form information, headers, and metadata into a single, powerful object: $request. The controller's primary job is to interact with this object.
The first thing we do is call $request->validate([...]). This line is doing heavy lifting:
- It collects the form fields(name,email,password).
- It checks each field against the rules you defined.
- If any rule fails, Laravel stops the script, sends the user back to the form, and stores the errors for us to display. No need for manual redirection or error handling!
What's Next
We have successfully built the full circuit: View -> Route -> Controller.
Currently, we only validate the data. In the next part, we will discuss Database Migrations and Eloquent Models to set up our user table and complete the "Create" step by securely hashing the password and saving the user record to the database!
Top comments (0)